We have noticed two issues in SonicWall's logging that you need to be aware of if you are running SonicOS 6.2.7 and above, and you need to report or alert on search terms entered into Google.
Unfortunately, all traffic going through SonicWall's DPI-SSL feature is logged with incredibly small size values - only a few bytes for each URL. This means that you will not see any DPI-SSL traffic in Fastvue Reporter's bandwidth dashboards or reports, as it essentially gets drowned out by all the correctly logged HTTP traffic. This article explains your options.
This article describes how to use Fastvue Reporter for SonicWall to report on machines potentially infected with WannaCry Ransomware on your network. The first and second variations of WannaCry ransomware access specific domains before the installation phase. You can therefore report on all machines that have accessed these domains to help identify potentially infected machines.
SonicWALL have released a firmware update (6.2.6.0-20n) that features a complete re-working of their Content Filtering System (CFS), as well as a new sandboxing feature called Capture Advanced Threat Protection (ATP) feature.These new features are amazing, but there is a problem we'd like all our customers to be aware of before upgrading.
The Fastvue Reporter for SonicWALL Getting Started Guide recommends not to install Fastvue Reporter on your SonicWALL Analyzer or GMS server as both applications install a web server and compete for port 80 and [...]
Fastvue Reporter for SonicWALL analyzes log messages from any SonicWALL device and provides important insights on the data flowing in and out of your organization in the form of live dashboards, alerts and reports. Behind the scenes, integration with corporate directories (Active Directory, LDAP) enables simplified Internet usage reporting across departments, IT security groups, offices, and of course users.